Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f852d978-23e6-49f4-9d03-547fcdc12c82.roa
File:                     f852d978-23e6-49f4-9d03-547fcdc12c82.roa (raw, json)
Hash identifier:          VkvBMf46ZyDpLNN1WbW06MReCTSC/QcGPAWF6fCmHj0=
Subject key identifier:   50:17:57:AF:0B:DA:10:E2:3C:F0:D3:95:FD:F4:B3:9D:39:F1:DD:E7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7C03DD1D809A1A82E2E65CCC6BD0416D0CF83C06
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f852d978-23e6-49f4-9d03-547fcdc12c82.roa
Signing time:             Sat 25 Oct 2025 00:10:38 +0000
ROA not before:           Sat 25 Oct 2025 00:10:38 +0000
ROA not after:            Sat 29 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.180.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:03:dd:1d:80:9a:1a:82:e2:e6:5c:cc:6b:d0:41:6d:0c:f8:3c:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 25 00:10:38 2025 GMT
            Not After : Nov 29 23:59:59 2025 GMT
        Subject: serialNumber=4294f7a8521396569a012730ad64488d9da71da7946e37db66f3fede4c1fa5c0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:3c:c4:33:42:4b:49:bd:22:09:fd:27:68:f9:
                    a1:c7:28:0b:ae:85:f3:42:35:6c:dc:65:96:99:d0:
                    07:73:1f:29:cd:df:d8:ba:b4:72:88:9b:6c:7e:3e:
                    a9:8b:87:12:38:22:3b:1e:d6:50:41:d7:5a:29:00:
                    79:35:dc:de:eb:6a:ca:81:e2:1e:3a:b4:5e:b7:ba:
                    49:e8:e3:a5:11:6c:63:63:1e:38:6d:ef:04:9b:a2:
                    db:1f:5f:ca:32:94:de:17:e0:38:d0:67:9e:66:95:
                    3c:cd:fe:76:af:68:5f:ec:15:89:b2:ec:34:e8:71:
                    05:3b:93:8d:e9:75:11:54:3f:9a:b2:f3:ca:8a:61:
                    9a:58:5d:65:bb:1c:a0:0e:4f:b2:bf:9a:a0:6d:e2:
                    dc:7b:25:74:05:75:2d:c5:50:9b:8a:e0:86:75:f4:
                    5e:ba:cb:61:41:c1:7a:4e:0f:d8:1d:17:f5:7b:ad:
                    06:0c:27:9b:da:30:79:30:bf:1e:13:9f:fc:a6:d9:
                    0c:59:b4:3d:fb:b7:53:13:c8:26:30:69:6a:3c:3c:
                    cc:5b:92:4c:fc:0d:cb:61:b9:2f:d8:fe:b4:da:9b:
                    0f:f5:9c:3b:9e:20:17:3e:3c:a9:72:23:51:1d:dd:
                    65:f0:c7:e4:80:58:eb:49:f9:87:91:de:22:54:8d:
                    e1:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:17:57:AF:0B:DA:10:E2:3C:F0:D3:95:FD:F4:B3:9D:39:F1:DD:E7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f852d978-23e6-49f4-9d03-547fcdc12c82.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.180.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c7:0f:64:7c:57:d9:94:bd:f8:4b:ca:79:02:f3:19:c6:40:28:
         35:6d:86:98:68:c4:93:1d:09:b1:06:62:02:77:31:21:9d:cc:
         3e:7f:76:0a:1a:7d:92:ac:50:ab:ac:f8:42:76:e0:ef:16:64:
         50:60:2e:61:f4:e6:f4:66:34:eb:ed:08:31:ac:63:a8:7a:62:
         b0:61:70:40:a5:1d:14:26:ff:0c:1c:9e:af:e7:fe:ef:ea:a3:
         95:a7:3e:90:b0:e7:a2:5d:92:27:79:ae:a5:7f:8b:a7:68:72:
         b5:79:24:6e:36:86:24:34:1a:75:5d:15:79:58:4a:d8:9e:f8:
         23:bc:ce:3b:6d:29:df:ab:6f:39:be:f8:31:6e:49:9a:cd:ad:
         d4:91:d3:87:09:ca:0f:2a:20:ab:f6:30:c1:c4:f1:32:33:b4:
         0c:bd:04:09:62:92:1c:d1:ab:3c:4c:0f:94:5e:f5:cd:63:d0:
         1e:60:63:eb:94:57:c7:e2:fc:47:fb:b5:28:63:a6:e0:ee:df:
         c3:84:02:07:70:4d:21:67:bd:fd:52:21:ef:ef:66:d9:67:3a:
         e8:94:08:a8:df:0d:d9:89:b0:4a:5b:f4:77:24:2d:e9:f0:a4:
         a5:ab:1e:a4:6a:6f:e2:bf:8c:33:a6:2d:ea:77:90:e9:13:8d:
         bd:b5:bc:dc
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfAPdHYCaGoLi5lzMa9BBbQz4PAYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI1MDAxMDM4WhcNMjUxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0Mjk0ZjdhODUyMTM5NjU2OWEwMTI3MzBhZDY0NDg4ZDlk
YTcxZGE3OTQ2ZTM3ZGI2NmYzZmVkZTRjMWZhNWMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmPMQzQktJvSIJ/Sdo+aHHKAuuhfNCNWzcZZaZ0AdzHynN
39i6tHKIm2x+PqmLhxI4Ijse1lBB11opAHk13N7rasqB4h46tF63ukno46URbGNj
Hjht7wSbotsfX8oylN4X4DjQZ55mlTzN/navaF/sFYmy7DTocQU7k43pdRFUP5qy
88qKYZpYXWW7HKAOT7K/mqBt4tx7JXQFdS3FUJuK4IZ19F66y2FBwXpOD9gdF/V7
rQYMJ5vaMHkwvx4Tn/ym2QxZtD37t1MTyCYwaWo8PMxbkkz8DcthuS/Y/rTamw/1
nDueIBc+PKlyI1Ed3WXwx+SAWOtJ+YeR3iJUjeHBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUUBdXrwvaEOI88NOV/fSznTnx3ecwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y4NTJkOTc4LTIzZTYtNDlmNC05ZDAzLTU0N2ZjZGMxMmM4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQtDANBgkqhkiG9w0BAQsFAAOCAQEAxw9kfFfZlL34S8p5AvMZxkAoNW2G
mGjEkx0JsQZiAncxIZ3MPn92Chp9kqxQq6z4Qnbg7xZkUGAuYfTm9GY06+0IMaxj
qHpisGFwQKUdFCb/DByer+f+7+qjlac+kLDnol2SJ3mupX+Lp2hytXkkbjaGJDQa
dV0VeVhK2J74I7zOO20p36tvOb74MW5Jms2t1JHThwnKDyogq/YwwcTxMjO0DL0E
CWKSHNGrPEwPlF71zWPQHmBj65RXx+L8R/u1KGOm4O7fw4QCB3BNIWe9/VIh7+9m
2Wc66JQIqN8N2YmwSlv0dyQt6fCkpasepGpv4r+MM6Yt6neQ6RONvbW83A==
-----END CERTIFICATE-----